7a8f55576d1dd79c11f0d529bac40775_JaffaCakes118

General

Target

7a8f55576d1dd79c11f0d529bac40775_JaffaCakes118
Size

45KB
MD5

7a8f55576d1dd79c11f0d529bac40775
SHA1

713c89b2652908a5f46e97a075e38600f8d9686e
SHA256

539554fe38a6683665e1a95f302f902f5eb3303aa8491ee72989e076747bd5e6
SHA512

c85c983b692de0583f438869e4508e7e2941e8295f96fc357977c9d0265004a2269e352d57971b8e35a6ec342f0b3e9774d912f79c1426417624ae0578eb4232
SSDEEP

768:JfGg+jx2ijQB2aVBDeppJop0SLprtUpMRPNp+wpkK7GlT0e7FW5hwyYl9EZhlTyB:/+jps2Xpp/oUcPnt6K7G65qyYY3lOYFw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/ProtecPlugin.com

Files

7a8f55576d1dd79c11f0d529bac40775_JaffaCakes118
.zip
ProtecPlugin.zip
.zip
ProtecPlugin.com
.exe windows:4 windows x86 arch:x86

30c97053a9870732f6113193a146ff1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaStrI4
__vbaFreeVar
__vbaLenBstr
__vbaStrVarMove
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
ord516
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord666
ord667
__vbaAryDestruct
__vbaLateMemSt
ord593
ord594
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
_CIsin
ord631
ord709
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaObjVar
__vbaI2I4
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
ord600
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
__vbaPrintFile
_adj_fprem
_adj_fdivr_m64
ord608
ord716
__vbaFPException
__vbaStrVarVal
__vbaVarCat
ord537
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
ord579
__vbaVarSetVar
__vbaLateMemCall
__vbaStrToAnsi
__vbaVarDup
__vbaVarCopy
__vbaVarLateMemCallLd
ord616
__vbaFpI4
__vbaLateMemCallLd
__vbaVarSetObjAddref
__vbaR8IntI2
_CIatan
__vbaStrMove
_allmul
_CItan
ord546
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 184KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30c97053a9870732f6113193a146ff1f

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 184KB - Virtual size: 181KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 172KB - Virtual size: 168KB

.text
Size: 184KB - Virtual size: 181KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 172KB - Virtual size: 168KB